[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Re: Error checking out large repository -- illegal padding

From: Ben Collins-Sussman <sussman_at_collab.net>
Date: 2004-07-30 01:35:42 CEST

Andy Helten wrote:

>> Read chapter 6 closely... these are separate methods of using svnserve.
>>
> I did read it, about 4 times. I guess my assumption was that the svn://
> access method did not encrypt the repository _data_ (did not find this
> explicitly described in the book). Am I wrong here? I understand
> authentication is secured by CRAM-MD5, but that doesn't imply the
> subsequent repository transfer is secure. Is it? If not, these access
> methods are hardly equivalent in terms of security.
>

You are correct. A client speaking svn:// to an svnserve daemon is not
speaking over an encrypted link. (The password never travels over the
network in any form... but the main repository data isn't encrypted.)

I never claimed the two methods were equivalent in terms of security.
:-) I was just pointing out that one method requires an ssh system
account, one does not. Encryption is a separate topic.

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org
Received on Fri Jul 30 01:35:25 2004

This is an archived mail posted to the Subversion Users mailing list.